CVE-2011-3077

Published: Apr 5, 2012Modified: Apr 29, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the script bindings, related to a "read-after-free" issue.

Affected (1)

Products: Google: Chrome

Google

1 product

Chrome

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Chrome	Before 18.0.1025.151

Related CWEs

CWE-416

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (18)

http://code.google.com/p/chromium/issues/detail?id=120189

Source: cve@mitre.org

ExploitVendor Advisory

http://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-updates.html

Source: cve@mitre.org

Release NotesVendor Advisory

http://secunia.com/advisories/48732

Source: cve@mitre.org

Third Party Advisory

http://secunia.com/advisories/48749

Source: cve@mitre.org

Third Party Advisory

http://security.gentoo.org/glsa/glsa-201204-03.xml

Source: cve@mitre.org

Third Party Advisory

http://www.securityfocus.com/bid/52913

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id?1026892

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/74637

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15343

Source: cve@mitre.org

Third Party Advisory

http://code.google.com/p/chromium/issues/detail?id=120189